www.aguamarina.top
185.162.89.65
Malicious Activity!
Public Scan
Submission: On August 27 via automatic, source openphish
Summary
This is the only time www.aguamarina.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Swiss Post (Transportation)

Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
22 | 185.162.89.65 | 8100 (ASN-QUADRANET-GLOBAL)
3 | 104.75.88.194 | 16625 (AKAMAI-AS)
1 | 194.41.184.89 | 12511 (CH-POSTNETZ Post CH AG)
1 | 50.16.216.118 | 14618 (AMAZON-AES)
1 | 13.224.96.105 | 16509 (AMAZON-02)
1 | 18.185.147.73 | 16509 (AMAZON-02)
29 requests | 6 IP addresses |
ASN | PTR record | Domain served
---|---|---
ASN8100 (ASN-QUADRANET-GLOBAL, US) | sv402.hostbudget.net | www.aguamarina.top
ASN16625 (AKAMAI-AS, US) | a104-75-88-194.deploy.static.akamaitechnologies.com | tags.tiqcdn.com
ASN14618 (AMAZON-AES, US) | ec2-50-16-216-118.compute-1.amazonaws.com | api.ipify.org
ASN16509 (AMAZON-02, US) | server-13-224-96-105.zrh50.r.cloudfront.net | tag.aticdn.net
ASN16509 (AMAZON-02, US) | ec2-18-185-147-73.eu-central-1.compute.amazonaws.com | mond.post.ch
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
22 | aguamarina.top | www.aguamarina.top | 517 KB
3 | tiqcdn.com | tags.tiqcdn.com | 40 KB
2 | post.ch | fonts.post.ch, mond.post.ch | 42 KB
1 | aticdn.net | tag.aticdn.net | 24 KB
1 | ipify.org | api.ipify.org | 217 B
29 requests | 5 apex domains | |
Requests | Domain | Requested by
---|---|---
22 | www.aguamarina.top | www.aguamarina.top
3 | tags.tiqcdn.com | www.aguamarina.top, tags.tiqcdn.com
1 | mond.post.ch | www.aguamarina.top
1 | tag.aticdn.net | tags.tiqcdn.com
1 | api.ipify.org | tags.tiqcdn.com
1 | fonts.post.ch | www.aguamarina.top
29 requests | 6 domains |
This site contains links to these domains. Also see Links.
Domain
---
www.post.ch
Subject | Issuer | Validity | Valid for
---|---|---|---
fonts.post.ch | SwissSign Server Gold CA 2014 - G22 | 2021-05-27 - 2022-05-27 | a year
*.ipify.org | Sectigo RSA Domain Validation Secure Server CA | 2021-01-19 - 2022-02-19 | a year
mond.post.ch | SwissSign Server Gold CA 2014 - G22 | 2019-10-21 - 2021-10-21 | 2 years

Only the third-party hosts presented certificates. No certificate is listed for www.aguamarina.top itself because the primary page (http://www.aguamarina.top/audios/disco11/last/ins/) and every request to that host were served over plain HTTP.
This page contains 3 frames:
Primary Page: http://www.aguamarina.top/audios/disco11/last/ins/ (Frame ID 24F1B7DCF40D2223E5CA76669F20BCCF, 27 HTTP requests in this frame)
Frame: http://www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/saved_resource.html (Frame ID 396C1683F55412FA88E49F21A4E5FE39, 1 HTTP request in this frame)
Frame: http://www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/saved_resource(1).html (Frame ID 69F7616FF718BE6C70957DF32068B62A, 1 HTTP request in this frame)
2 Outgoing links
These are links going to different origins than the main page.
Title: (empty)
Title: Website
Redirected requests
There were HTTP redirect chains for the following requests: (none listed)
29 HTTP transactions

Method | Protocol | Resource | Path | Size | Transferred | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Primary Request) | www.aguamarina.top/audios/disco11/last/ins/ | 256 KB | 36 KB | Document | text/html
GET | H/1.1 | utag.js.download | www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/ | 137 KB | 138 KB | Script | application/octet-stream
GET | H/1.1 | post.css | www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/ | 752 KB | 127 KB | Stylesheet | text/css
GET | H/1.1 | logrend.css | www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/ | 17 KB | 4 KB | Stylesheet | text/css
GET | H/1.1 | jquery-3.2.1.min.js.download | www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/ | 85 KB | 85 KB | Script | application/octet-stream
GET | H/1.1 | staticasset | www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/ | 11 KB | 11 KB | Script | text/plain
GET | H/1.1 | utag.sync.js.download | www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/ | 109 B | 318 B | Script | application/octet-stream
GET | H/1.1 | lockscreen.d70903c40f40c0932d6e.min.js.download | www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/ | 618 B | 827 B | Script | application/octet-stream
GET | H/1.1 | vendors_iframe-resizer.1e7931ee421df9f8f683.min.js.download | www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/ | 17 KB | 17 KB | Script | application/octet-stream
GET | H/1.1 | vendors_bootstrap-collapse_bootstrap-modal_carousel_cwf-accordion_flex-forms_jquery_klp-widget_modal_readMore.9668de6695216a8fc183.min.js.download | www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/ | 91 KB | 91 KB | Script | application/octet-stream
GET | H/1.1 | trapfocus.e612be736264bef7944e.min.js.download | www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/ | 752 B | 961 B | Script | application/octet-stream
GET | H/1.1 | post-logo-de.svg | www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/ | 5 KB | 2 KB | Image | image/svg+xml
GET | H/1.1 | sesam-buttons.css | www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/ | 3 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | login-statics-cache-filter.css | www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/ | 60 B | 331 B | Stylesheet | text/css
GET | H/1.1 | loginRegistration.js.download | www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/ | 1 KB | 1 KB | Script | application/octet-stream
GET | H/1.1 | frutiger55roman.woff | www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/ | 0 | 0 | Font | text/html
GET | H/1.1 | utag.js | tags.tiqcdn.com/utag/schweizerischepost/secure/prod/ | 137 KB | 29 KB | Script | application/x-javascript
GET | H/1.1 | saved_resource.html (frame 396C) | www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/ | 149 B | 343 B | Document | text/html
GET | H/1.1 | saved_resource(1).html (frame 69F7) | www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/ | 149 B | 343 B | Document | text/html
GET | H/1.1 | arrow.svg | www.aguamarina.top/audios/disco11/last/ins/img/ | 708 B | 708 B | Image | text/html
GET | H/1.1 | FrutigerNeueLTW05-Regular.woff2 | fonts.post.ch/frutiger/ | 41 KB | 42 KB | Font | font/woff2
GET | H/1.1 | / | api.ipify.org/ | 33 B | 217 B | Script | application/javascript
GET | H/1.1 | frutiger55roman.ttf | www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/ | 0 | 0 | Font | text/html
GET | H/1.1 | utag.332.js | tags.tiqcdn.com/utag/schweizerischepost/secure/prod/ | 42 KB | 11 KB | Script | application/x-javascript
GET | H/1.1 | frutiger65bold.woff | www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/ | 0 | 0 | Font | text/html
GET | H/1.1 | smarttag.js | tag.aticdn.net/597880/ | 91 KB | 24 KB | Script | application/javascript
GET | H/1.1 | utag.v.js | tags.tiqcdn.com/utag/tiqapp/ | 2 B | 356 B | Script | application/x-javascript
GET | H2 | mond.post.ch | mond.post.ch/ | 35 B | 151 B | Image | image/gif
GET | H/1.1 | frutiger65bold.ttf | www.aguamarina.top/audios/disco11/last/ins/Login%20-%20Die%20Post_files/ | 0 | 0 | Font | text/html

Size is the decoded body size; Transferred is the number of bytes actually sent over the wire (compressed responses transfer fewer bytes than their size, tiny responses transfer more because of headers).
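What stands out in the transaction list: every asset the clone serves from www.aguamarina.top sits under a `Login - Die Post_files/` directory, its script files carry a `.download` suffix, and the two child frames are `saved_resource.html` and `saved_resource(1).html`. Those are the naming conventions Chrome uses for "Save page as... Webpage, Complete", so the kit is a browser-saved copy of the real Swiss Post login page, re-hosted with the brand's tag stack (Tealium `utag.js` from tags.tiqcdn.com, AT Internet `smarttag.js` from tag.aticdn.net) and its fonts and beacon (fonts.post.ch, mond.post.ch) still loading from the brand's own infrastructure. The four Frutiger `.woff`/`.ttf` requests returned 0 bytes with `text/html`, and `arrow.svg` came back as `text/html` rather than an SVG: assets the saver never captured, answered with an HTML page. The Python below is an added example (not urlscan.io code and not part of this scan) that turns those observations into checks and runs them over a sample transcribed from the table above. The `Request` record, the indicator names, the expected-MIME map, the naive apex-domain helper and the `https://` scheme on third-party rows (urlscan's table omits the scheme) are all my assumptions.

```python
"""Heuristics for spotting a browser-saved ("Save Page As") phishing clone in a
urlscan-style HTTP transaction list. Added example, not urlscan.io code."""
from __future__ import annotations

import re
from dataclasses import dataclass
from urllib.parse import unquote, urlsplit


@dataclass(frozen=True)
class Request:
    url: str
    resource_type: str  # urlscan "Type" column: Document, Script, Stylesheet, Font, Image
    mime: str           # Content-Type the server actually returned
    size: int           # decoded body bytes; 0 means an empty (typically 404) response


# Content-Types a browser normally sees per resource type.
# Assumption: a simplified map; real servers use a few more variants.
EXPECTED_MIME = {
    "Document":   {"text/html"},
    "Script":     {"application/javascript", "application/x-javascript", "text/javascript"},
    "Stylesheet": {"text/css"},
    "Font":       {"font/woff", "font/woff2", "font/ttf", "font/otf",
                   "application/font-woff", "application/octet-stream"},
    "Image":      {"image/svg+xml", "image/png", "image/gif", "image/jpeg", "image/webp"},
}

# Chrome "Save page as... Webpage, Complete": sub-resources go into <title>_files/,
# scripts get a ".download" suffix and iframe bodies become saved_resource*.html.
SAVED_PAGE_DIR = re.compile(r"/[^/]+_files/")


def apex(host: str) -> str:
    """Naive registrable-domain guess (last two labels). Fine for post.ch or
    tiqcdn.com; a real tool would consult the Public Suffix List."""
    return ".".join(host.split(".")[-2:])


def indicators(req: Request, primary_host: str, brand_domains: set[str]) -> list[str]:
    """Return the indicator names that fire for one request, in a fixed order."""
    parts = urlsplit(req.url)
    host = parts.hostname or ""
    path = unquote(parts.path)
    filename = path.rsplit("/", 1)[-1]
    found: list[str] = []

    if host == primary_host:
        if SAVED_PAGE_DIR.search(path):
            found.append("saved-page-dir")
        if filename.endswith(".download"):
            found.append("chrome-saved-resource-suffix")
        if filename.startswith("saved_resource"):
            found.append("saved-iframe-stub")
        expected = EXPECTED_MIME.get(req.resource_type)
        if expected is not None and req.mime not in expected:
            found.append("mime-mismatch")   # e.g. a font or SVG answered with text/html
        if req.size == 0 and req.resource_type != "Document":
            found.append("missing-asset")   # 0-byte body: the clone lacks this file
    elif apex(host) in brand_domains:
        # The lookalike still pulls fonts/beacons from the impersonated brand's hosts.
        found.append("brand-infrastructure-loaded")
    return found


def summarize(requests: list[Request], primary_host: str, brand_domains: set[str]) -> dict[str, int]:
    """Count how often each indicator fires across the whole transaction list."""
    counts: dict[str, int] = {}
    for req in requests:
        for tag in indicators(req, primary_host, brand_domains):
            counts[tag] = counts.get(tag, 0) + 1
    return counts


def looks_like_saved_clone(counts: dict[str, int]) -> bool:
    """Verdict: a *_files/ directory plus at least one other Save-Page-As artefact."""
    return counts.get("saved-page-dir", 0) > 0 and (
        counts.get("chrome-saved-resource-suffix", 0) > 0
        or counts.get("saved-iframe-stub", 0) > 0
    )


# Sample transcribed from the scan above (a subset of the 29 transactions).
# The https:// scheme on the third-party rows is assumed.
PRIMARY_HOST = "www.aguamarina.top"
BRAND_DOMAINS = {"post.ch"}
KIT = "http://www.aguamarina.top/audios/disco11/last/ins/"
SAMPLE = [
    Request(KIT, "Document", "text/html", 256 * 1024),
    Request(KIT + "Login%20-%20Die%20Post_files/utag.js.download", "Script", "application/octet-stream", 137 * 1024),
    Request(KIT + "Login%20-%20Die%20Post_files/post.css", "Stylesheet", "text/css", 752 * 1024),
    Request(KIT + "Login%20-%20Die%20Post_files/frutiger55roman.woff", "Font", "text/html", 0),
    Request(KIT + "Login%20-%20Die%20Post_files/saved_resource.html", "Document", "text/html", 149),
    Request(KIT + "img/arrow.svg", "Image", "text/html", 708),
    Request("https://tags.tiqcdn.com/utag/schweizerischepost/secure/prod/utag.js", "Script", "application/x-javascript", 137 * 1024),
    Request("https://fonts.post.ch/frutiger/FrutigerNeueLTW05-Regular.woff2", "Font", "font/woff2", 41 * 1024),
    Request("https://mond.post.ch/", "Image", "image/gif", 35),
    Request("https://api.ipify.org/", "Script", "application/javascript", 33),
]

if __name__ == "__main__":
    for req in SAMPLE:
        print(f"{req.url[-48:]:>48}  {indicators(req, PRIMARY_HOST, BRAND_DOMAINS)}")
    totals = summarize(SAMPLE, PRIMARY_HOST, BRAND_DOMAINS)
    print(totals, "saved clone:", looks_like_saved_clone(totals))
```

The "brand-infrastructure-loaded" indicator is the one worth wiring into a detection pipeline: the brand's own CDN and beacon logs (here fonts.post.ch and mond.post.ch) will show requests whose `Referer` is the lookalike host, which lets the targeted organisation discover clones without waiting for a phishing feed.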
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Swiss Post (Transportation)

49 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Name (type): 0 (object), 1 (object), onbeforexrselect (object), ontransitionrun (object), ontransitionstart (object), ontransitioncancel (object), originAgentCluster (boolean), trustedTypes (object), crossOriginIsolated (boolean), $ (function), jQuery (function), Unic (object), html5 (object), Modernizr (object), yepnope (function), webpackJsonpPortal (object), digitalData (object), utag_err (object), utag_condload (boolean), getCookie (function), $jsonp (object), defaultConsent (undefined), cookieArr (undefined), utag (object), pad (undefined), updateCookie (undefined), _tealium_old_error (function), __tealium_twc_switch (boolean), UnicTMSHelper (object), callback (function), isSafari (boolean), client_device_userAgent (string), TiQ_GlobalEventTracker (object), delayTracker (function), event_init (function), createElementEnrichmentVarsObject (function), startTracker (function), ATInternet (object), ATCustomEvent (function), atitracker (object), v (object), vc (object), v0 (number), v1 (number), v2 (number), vc0 (number), vc1 (number), vc2 (number), len0 (number)

The list matches the script stack of the copied login page rather than anything the phisher wrote: jQuery, Modernizr and yepnope, a webpack bundle (webpackJsonpPortal), Tealium iQ tag management (utag, utag_err, _tealium_old_error, TiQ_GlobalEventTracker, served from tags.tiqcdn.com) and AT Internet analytics (ATInternet, atitracker, served from tag.aticdn.net).

Cookies
Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again, the browser also sends the stored cookie values, which lets the website re-identify that user even from a different location. This is how persistent logins work.
Indicators
"Indicators" is the security-industry term for observables such as IPs, domains and hashes. Being listed here does not imply that any individual entry is malicious.
api.ipify.org
fonts.post.ch
mond.post.ch
tag.aticdn.net
tags.tiqcdn.com
www.aguamarina.top
104.75.88.194
13.224.96.105
18.185.147.73
185.162.89.65
194.41.184.89
50.16.216.118